[isalist] Re: IP Phone AdviseHI all, I actually did a couple of big AD, Exchange and Desktop migrations in California last year. What we did with policies is not allow for desktop software that needed push/pull ports etc. Such as, those automated desktop wallpapers, yahoo browser addin or any addin for that matter and definately no mp3's so, I wrote a couple of programs that did a quick scan of the users HD on boot up making sure that no MP3 players or such were loaded. One owner of the company even went as far as saying good employee but no internet connection in the nt domain account description. I guess that was left there so we did not allow that access. All, access was done via group policies. Joseph ----- Original Message ----- From: Quillman Shawn (RBNA/CSA1) To: [ISAserver.org Discussion List] Sent: Wednesday, April 07, 2004 10:01 AM Subject: [isalist] RE: browser hijacking http://www.ISAserver.org This is a multi-part message in MIME format. ------------------------------------------------------------------------------ Yep, and I'm with you on the tool thing as protection from what your AUP allows. Question, though: have any of these places experienced damages and/or loss of uptime due to something getting in (extending beyond one or two individual users)? If not, is there a model that you can put together to show them what would happen and how enforcing an AUP would help and possibly prevent the damages? And of course the follow-up question: do they care...? In many of the small businesses that I've dealt with the folks making the calls are money people and when you show money flying out the window to money people it tends to get a reaction. -Shawn ----- Shawn R. Quillman Robert Bosch Corporation RBNA/CSA1 38000 Hills Tech Drive Farmington Hills, MI 48331 (248) 553-1164 (P) (248) 848-6969 (F) shawn.quillman@xxxxxxxxxxxx -----Original Message----- From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] Sent: Wednesday, April 07, 2004 12:43 PM To: [ISAserver.org Discussion List] Subject: browser hijacking Shawn, It's not that I disagree with you it's just that the policy in place at all but one client that I work for is allow everything. In one location it is allow everything except for the problem child and he gets no Internet. I let them know that I can block certain kinds of web access but the response is always no. They prefer to deal with the problem on a human resources level rather than an IS level. They've found that if they have someone that isn't behaving themselves on the Internet then they also have an employee that they have other problems with. I've seen it several times where when I report Internet abuse it ends up getting the person fired not because they broke the AUP policy (which doesn't exist) but because it was the straw that broke the camels back as it were. Everyone else works happily along with full access to the Internet. Such is life in the small business arena. Amy ------------------------------------------------------------------------------ ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cismic@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')